germany

17 Articles

Expired Certificate Causes German Payment Meltdown

May 30, 2022 by 83 Comments

For most Hackaday readers the process of buying groceries this weekend has been a relatively painless one, however we’re guessing some of our German friends will have found their cards unexpectedly declined. The reason? A popular model of payment card terminal, the Verifone H5000, has suffered what has been described as a “software malfunction”. So exactly what has happened? The answer is as simple as it is unfortunate: a security certificate for German transaction processing stored on the device has expired.

The full story exposes the flaws in assuming that a payment terminal is an appliance rather than a computer and its associated software that needs updating like any other. The H5000 is an old terminal that ceased production back in the last decade and has reached end-of-life, however it has remained in use and perhaps more seriously, remained in the supply chain to merchants buying a terminal. With updates requiring a site visit rather than an over-the-air upgrade, it’s likely that the effects of this mess could last a while.

In case the hardware for this type of equipment interests you, we’ve had a teardown on another Verifone terminal in the past.

Hackaday Links Column Banner

Hackaday Links: July 12, 2020

July 12, 2020 by 30 Comments

Based in the US as Hackaday is, it’s easy to overload the news with stories from home. That’s particularly true with dark tales of the expanding surveillance state, which seem to just get worse here on a daily basis. So we’re not exactly sure how we feel to share not one but two international stories of a dystopian bent; one the one hand, pleased that it’s not us for a change, but on the other, sad to see the trend toward less freedom and more monitoring spreading.

The first story comes from Mexico, where apparently everything our community does will soon be illegal. We couch that statement because the analysis is based on Google translations of reports from Mexico, possibly masking the linguistic nuances that undergird legislative prose. So we did some digging and it indeed appears that the Mexican Senate approved a package of reforms to existing federal copyright laws that will make it illegal to do things like installing a non-OEM operating system on a PC, or to use non-branded ink cartridges in a printer. Reverse engineering ROMs will be right out too, making any meaningful security research illegal. There appear to be exceptions to the law, but those are mostly to the benefit of the Mexican government for “national security purposes.” It’ll be a sad day indeed for Mexican hackers if this law is passed.

The other story comes from Germany, where a proposed law would grant sweeping surveillance powers to 19 state intelligence bodies. The law would require ISPs to install hardware in their data centers that would allow law enforcement to receive data and potentially modify it before sending it on to where it was supposed to go. So German Internet users can look forward to state-sponsored man-in-the-middle attacks and trojan injections if this thing passes.

OK, time for a palate cleanser: take an hour to watch a time-lapse of the last decade of activity of our star. NASA put the film together from data sent back by the Solar Dynamics Observatory, a satellite that has been keeping an eye on the Sun from geosynchronous orbit since 2010. Each frame of the film is one hour of solar activity, which may sound like it would be boring to watch, but it’s actually quite interesting and very relaxing. There are exciting moments, too, like enormous solar eruptions and the beautiful but somehow terrifying lunar transits. More terrifying still is a massive coronal mass ejection (CME) captured in June 2011. A more subtle but fascinating phenomenon is the gradual decrease in the number of sunspots over the decade as the Sun goes through its normal eleven-year cycle.

You’ll recall that as a public service to our more gear-headed readers that we recently covered the recall of automotive jack stands sold at Harbor Freight, purveyor of discount tools in the USA. Parts for the jack stands in question had been cast with a degraded mold, making the pawls liable to kick out under load and drop the vehicle, with potentially catastrophic results for anyone working beneath. To their credit, Harbor Freight responded immediately and replaced tons of stands with a new version. But now, Harbor Freight is forced to recall the replacement stands as well, due to a welding error. It’s an embarrassment, to be sure, but to make it as right as possible, Harbor Freight is now accepting any of their brand jack stands for refund or store credit.

And finally, if you thought that the experience of buying a new car couldn’t be any more miserable, wait till you have to pay to use the windshield wipers. Exaggeration? Perhaps only slightly, now that BMW “is planning to move some features of its new cars to a subscription model.” Plans like that are common enough as cars get increasingly complex infotainment systems, or with vehicles like Teslas which can be upgraded remotely. But BMW is actually planning on making options such as heated seats and adaptive cruise control available only by subscription — try it out for a month and if you like it, pay to keep them on for a year. It would aggravate us to no end knowing that the hardware supporting these features had already been installed and were just being held ransom by software. Sounds like a perfect job for a hacker — just not one in Mexico.

The High Seas Are Open Source

March 1, 2020 by 9 Comments

One of the biggest problems of owning an older boat (besides being a money pit – that is common to all boats regardless of age) is the lack of parts and equipment, and the lack of support for those parts if you can find them at all. Like most things, this is an area that can benefit greatly from some open source solutions, which the Open Boat Projects in Germany has been able to show. (Google Translate from German)

This group has solutions for equipment problems of all kinds for essentially any sized boat. At their most recent expo, many people were interested in open source solutions for situations where there is currently only an expensive proprietary option, such as support for various plotting devices. This isn’t the only part of this project, though. It includes many separate projects, like their solutions for autopilot and navigation. There are even complete hardware packages available, all fully documented.

Open source solutions for large, expensive things like this are often few and far between for a number of reasons. There are limited options for other modes of open source transportation too, as it seems like most large companies are not willing to give up their secrets easily. Communities like this, however, give us hope that people will have other options for repairing their vehicles without having to shell out too much money.

Thanks to [mip] for the tip!

Put An Arduino Enigma In Your Pocket

March 28, 2019 by 15 Comments

The German Enigma device has always been a fascinating gadget for hackers. We’ve seen various replicas and emulators created over the years, and it was recently even the subject of our weekly Hack Chat. But if you think about it it’s not really a surprise; the Enigma has the perfect blend of historical significance and engineering wizardry, with a healthy dash of mystery thrown in. Why do the bad guys always have the coolest toys?

If you’ve ever wanted your own little Enigma replica to explore, [Mark Culross] has put together a project which makes it easier than ever. In fact, it’s so straightforward that some of you reading this post will probably be able to put one together as soon as you’ve read this post from stuff you already have lying around in the parts bin. All you need is an Arduino Uno, an Adafruit 2.8″ TFT Touch Shield, and a penchant for World War II technology.

Thanks to the relatively high-resolution touch screen, [Mark] was able to develop a user interface for his Enigma that really gives you a feel for how the original machine worked. Obviously it’s considerably simplified from the real-world version, but using a stylus to tap the rotors you want to spin or the wires you want plugged in makes for a more immersive experience than many of the previous attempts we’ve seen. With a tap you’re even able to load historical machine configurations, such as how the Enigma aboard the submarine U-262 was configured when the Allies intercepted its encoded messages in 1942.

[Mark] says this project was always about developing the software, and he leaves the actual hardware implementation as an exercise for the user. Just to play around with the software it’s enough to hook up an Arduino and the touch screen, but we’d love to see somebody really take the idea and run with it. Add some batteries, a charging circuit, and put it all in a little wooden box for that authentic Enigma look. Can’t forget that iconic wrinkle finish paint, either.

Over the years, we’ve seen replica Enigma machines in all shapes and sizes. From ones you could mount on your wrist, to full size replicas using modern components. We’ve even seen one variation that you can print out on a couple of sheets of paper. The parade of recreations shows no sign of stopping, and we wouldn’t have it any other way.

Continue reading “Put An Arduino Enigma In Your Pocket”

Operation Backfire: Witness To The Rocket Age

February 5, 2019 by 48 Comments

As the prospects for Germany during the Second World War began to look increasingly grim, the Nazi war machine largely pinned their hopes on a number of high-tech “superweapons” they had in development. Ranging from upgraded versions of their already devastatingly effective U-Boats to tanks large enough to rival small ships, the projects ran the gamut from practical to fanciful. After the fall of Berlin there was a mad scramble by the Allied forces to get into what was left of Germany’s secretive development facilities, with each country hoping to recover as much of this revolutionary technology for themselves as possible.

V-2 launch during Operation Backfire

One of the most coveted prizes was the Aggregat 4 (A4) rocket. Better known to the Allies as the V-2, it was the world’s first liquid fueled guided ballistic missile and the first man-made object to reach space. Most of this technology, and a large number of the engineers who designed it, ended up in the hands of the United States as part of Operation Paperclip. This influx of practical rocketry experience helped kick start the US space program, and its influence could be seen all the way up to the Apollo program. The Soviet Union also captured V-2 hardware and production facilities, which subsequently influenced the design of their early rocket designs as well. In many ways, the V-2 rocket was the spark that started the Space Race between the two countries.

With the United States and Soviet Union taking the majority of V-2 hardware and personnel, little was left for the British. Accordingly their program, known as Operation Backfire, ended up being much smaller in scope. Rather than trying to bring V-2 hardware back to Britain, they decided to learn as much as they could about it in Germany from the men who used it in combat. This study of the rocket and the soldiers who operated it remains the most detailed account of how the weapon functioned, and provides a fascinating look at the incredible effort Germany was willing to expend for just one of their “superweapons”.

In addition to a five volume written report on the V-2 rocket, the British Army Kinematograph Service produced “The German A.4 Rocket”, a 40 minute film which shows how a V-2 was assembled, transported, and ultimately launched. Though they are operating under the direction of the British government, the German soldiers appear in the film wearing their own uniforms, which gives the documentary a surreal feeling. It could easily be mistaken for actual wartime footage, but these rockets weren’t aimed at London. They were being fired to serve as a historical record of the birth of modern rocketry.

Continue reading “Operation Backfire: Witness To The Rocket Age”

I’m Sorry, Alexander, I’m Afraid I Can’t Do That

November 24, 2018 by 21 Comments

Getting people to space is extremely difficult, and while getting robots to space is still pretty challenging, it’s much easier. For that reason, robots and probes have been helping us explore the solar system for decades. Now, though, a robot assistant is on board the ISS to work with the astronauts, and rather than something impersonal like a robot arm, this one has a face, can navigate throughout the ship, and can respond to voice inputs.

The robot is known as CIMON, the Crew Interactive Mobile Companion. Built by Airbus, this interactive helper will fly with German astronaut Alexander Gerst to test the concept of robotic helpers such as this one. It is able to freely move about the cabin and can learn about the space it is in without being specifically programmed for it. It processes voice inputs similarly to a smart phone, but still processes requests on Earth via the IBM Watson AI. This means that it’s not exactly untethered, and future implementations of this technology might need to be more self-contained for missions outside of low Earth orbit.

While the designers have listened to the warnings of 2001 and not given it complete control of the space station, they also learned that it’s helpful to create an interactive robot that isn’t something as off-putting as a single creepy red-eye. This robot can display an interactive face on the screen, as well as use the same screen to show schematics, procedure steps, or anything else the astronauts need. If creepy design is more your style though, you can still have HAL watching you in your house.

Thanks to [Marian] for the tip!

Continue reading “I’m Sorry, Alexander, I’m Afraid I Can’t Do That”

The German Space Program That Never Was

December 4, 2017 by 89 Comments

A previous post discussed the creation of the V-2 rocket, the first man-made object to reach space. Designed and built at the Peenemünde Army Research Center during World War II, the V-2 was intended to be a weapon of mass destruction, but ended up being far more effective as a tool of discovery than it ever did on the battlefield. In fact, historians now estimate that more people died during the development and construction of the V-2 than did in the actual attacks carried out with it. But even though it failed to win the war for Germany, it still managed to change the world in another way: as it served as the basic blueprint for all subsequent rockets right up to modern-day vehicles.

But the V-2 wasn’t the only rocket-powered vehicle that the Germans were working on, a whole series of follow-up vehicles were in the design phase when the Allies took Berlin in 1945. Some were weapons, but not all. Pioneers like Walter Dornberger and Wernher von Braun saw that rocketry had more to offer mankind than a new way to deliver warheads to the enemy, and the team at Peenemünde had begun laying the groundwork for a series of rockets that could have put mankind into space years before the Soviets.

Continue reading “The German Space Program That Never Was”